How to Organize Annual Security Training in Your Company: Some Insights

Every year, cyber attacks cost businesses millions of dollars to deal with. It’s a problem that is growing as threats become more and more sophisticated. In fact it is believed that by 2021 cybercrime will cost the global economy $6 trillion a year.

You can’t afford not to invest in cyber security training. The risks to your business from cyber security threats include financial losses, theft of intellectual property, theft of customer information, systems brought down and rendered inoperable, loss of earnings, cost to fix the problem, reduced productivity while you try to restore systems, reputational damage, and the risk of legal action.

      Top Cyber Security Threats in 2018

Unfortunately, it’s been discovered that the leading cause of IT security issues within organizations come from employees. Usually this isn’t because of malicious intentions, but because employees have been careless, made mistakes or not had enough awareness to know how to identify a threat.

Your employees are your first line of defense against cyber criminals and everyone has a role to play, from the CEO to your most junior temp or intern. It is critical that everyone understands different types of threats and to be vigilant.

For example, your employees should know how to identify phishing scams where cyber criminals try to elicit company credentials such as login names and passwords by sending fake emails that look like they are from a legitimate source.

Another scam that is growing in popularity at the moment is invoices being sent demanding payments – sometimes from a business your company may have actually worked with in the past (this is most likely known becacuse that other business has been compromized) or it might be from a business that you’ve never heard of before. Many businesses are losing money because they have paid these invoices when they weren’t real.

Other times, employees can click on suspicious links and visit unsafe websites, or open attachments on emails that contain malware and viruses which can then spread to your systems.

Training your staff in cyber security awareness can help to reduce the threats that your company faces from cyber criminals as it builds a culture of security within your organization.

While it’s important that this information should form part of any induction training that you hold when new employees join your organization, it’s important that you conduct ongoing, annual training sessions. This ensures that information stays current and isn’t forgotten. It will also let you tailor your content as threats change and evolve, or if you notice any patterns and trends in incidents that your IT department is dealing with so you can address specific cyber security issues that your company seems to encounter more regularly.

A simple and easy way to deliver annual cyber security training to your employees is by using DeskAlerts. DeskAlerts is an internal communication software solution with a myriad of uses. You can use it to send pop-up notifications straight to your employees’ computer screens to bring urgent or important information to their attention, bypassing the email system.

In my organization, like many others, emails are routinely unread or ignored. We have a geographically diverse workforce who operate in different time zones. So we needed a solution to keep people informed.

DeskAlerts allows you to send rich content such as videos, text, pictures or HTML links to other information. You can use it to send hints and tips and reminders throughout the year about different types of cyber threats.

When it comes to annual security awareness training, once you have decided on the topics that you want to communicate to your employees, all you have to do is write it (or make a video about it, or link to where the content lives on your intranet site) and select the audience you would like to send it to.

You can send to your entire organization, or set to send to different niche audiences such as those who work in specific geographic areas. You can also schedule a time to send the content in advance.

DeskAlerts also comes equipped with surveys, quizzes and polls module that many organizations use to test their employees’ knowledge on specific subjects to determine where there is room for improvement. You can follow up immediately after you deliver your awareness training to determine what information has been retained.

You can use DeskAlerts to send hints and tips and reminders throughout the year about different types of cyber threats.

You can also use DeskAlerts to alert your employees when there is a known threat affecting other businesses.

Evaluation is also critical so you can determine how effective your training has been. DeskAlerts comes with an analytics panel that lets you see who has seen your alerts, who has completed any quizzes and what the results are.

If you find you have employees who aren’t participating, you can send them targeted messages reminding them to take the training or complete the quiz.